In association with heise online

13 February 2008, 13:48

Multiple holes in Cacti spiked

Security researchers in Italy have discovered multiple security vulnerabilities in the Cacti open source network stats program. These have now been fixed and an updated version has been issued. The vulnerabilities could be exploited by attackers to carry out SQL injection or cross-site scripting attacks.

A number of scripts fail to check arguments passed to them, allowing attackers to send commands to the underlying MySQL database to read or manipulate content. The security advisory lists the files graph_view.php (graph_list parameter), tree.php (leaf_id parameter), graph_xport.php (local_graph_id parameter), tree.php (id parameter) and index.php/login (login_username parameter) as being vulnerable to injection of SQL commands.

Cross-site scripting is apparently possible in the files graph.php (view_type parameter), graph_view.php (filter parameter) and index.php/login (action and login_username parameters). The local_graph_id parameter in graph.php also allows attackers to read the path to Cacti.

The bugs are present in Cacti versions 0.8.7a and earlier. The development team has now released versions 0.8.7b and 0.8.6k in which the vulnerabilities are fixed. Cacti users should download and install the updated version without delay.
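The version ranges above can be turned into an inventory check. The following is an added example, not code from the article or the Cacti project; the host names are constructed, and it assumes version strings of the form three dotted numbers plus an optional letter suffix, as in the releases named here.

```python
import re

# Fixed releases named in the article, one per maintenance branch.
FIXED = {(0, 8, 6): "k", (0, 8, 7): "b"}
# Newest release the article lists as vulnerable.
NEWEST_AFFECTED = ((0, 8, 7), "a")

# Assumption: versions look like "0.8.7a" (letter suffix optional).
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]?)$")


def parse_version(text):
    """Split '0.8.7a' into ((0, 8, 7), 'a'); raise ValueError otherwise."""
    m = _VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised Cacti version string: {text!r}")
    return (int(m[1]), int(m[2]), int(m[3])), m[4]


def is_affected(version):
    """True if the version falls in the vulnerable range the article gives."""
    base, letter = parse_version(version)
    if base in FIXED:
        # Within a patched branch, anything before the fixed letter is
        # vulnerable; an empty suffix sorts before every letter.
        return letter < FIXED[base]
    # Other branches: "0.8.7a and earlier" with no fixed release named.
    return (base, letter) <= NEWEST_AFFECTED


def triage(inventory):
    """Return (hosts to upgrade, hosts whose version needs manual review)."""
    upgrade, review = [], []
    for host, version in inventory:
        try:
            if is_affected(version):
                upgrade.append(host)
        except ValueError:
            review.append(host)
    return upgrade, review


# Constructed sample inventory: (host, installed Cacti version).
SAMPLE_INVENTORY = [
    ("nms-a.example", "0.8.7a"),
    ("nms-b.example", "0.8.7b"),
    ("nms-c.example", "0.8.6j"),
    ("nms-d.example", "0.8.6k"),
    ("nms-e.example", "0.8.5"),
    ("nms-f.example", "svn-trunk"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

Hosts in the review list carry a version string the parser does not recognise and should be checked by hand rather than assumed patched.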
